Security
A security operations center (SOC) analyst investigates the propagation of a memory-resident virus across the network and notices a rapid consumption of network bandwidth, causing a Denial of Service (DoS). What type of virus is this?
A worm
A virus
A bug
A worm
Which of the following attacks do security professionals expose themselves to, if they do not salt passwords with a random value?
A rainbow table attack
Dictionary
Open source
A rainbow table attack
An attacker performed a Distributed Denial of Service (DDoS) attack by compromising multiple zombie (agent) PCs with DoS tools. What is the control program that enables the attacker to exploit these computers to perform the DDoS attack?
A bot
Before installing a browser plug-in, a user accepted a 30-page license agreement which stated that their data would be monitored, and their activity would be sent to a third party. What type of software did the user install?
Adware
If a user's device becomes infected with crypto-malware, which of the following is the best way to mitigate this compromise?
Have up-to-date backups of the encrypted files.
cybersecurity received alerts about browser pop-ups. analysts discovered sites redirecting to malicious websites due to modified DNS (Domain Name System) queries. What did the computers most likely get infected with?
Spyware
What is a brute force attack
the password cracker tries every possible combination of characters
A malicious actor recently penetrated a company's network and moved laterally to the datacenter. Upon investigation, a forensics firm wants to know what was in the memory on the compromised server. Which of the following files should be given to the forensics firm?
Security
Application
Dump
Syslog
Syslog
A retail executive recently accepted a job with a major competitor. The following week, a security analysis reviews the security logs and identifies successful logon attempts to access the departed executives accounts. Which of the following security practices would have addressed the issue.
Offboarding
There's a company that turns dead bodies into an ocean reef.
True
False
True
High heeled shoes were originally what?
created for men
An attacker used an exploit to steal information from a mobile device, which allowed the attacker to circumvent the authentication process. The mobile device is vulnerable to which of the following attacks?
Bluesnarfing
A system administrator needs to implement an access control scheme that will allow an objects access policy to be determined by its owner. Which of the following access controls schemes BEST fits the requirements?
Discretionary access control
Remote access control
User access control
Discretionary access control
Bubble Wrap was originally intended to be used as?
3D wallpaper
A global pandemic is forcing a private organization to close some business units and reduce staffing at others. Which of the following would be BEST to help the organization's executives determine their next course of action?
Incident response plan
Communications plan
Disaster recovery plan
Business continuity plan
Business continuity plan
Under GDPR, which of the following is MOST responsible for the protection of privacy and website rights?
Data Controller
Data Owner
Data processor
Data Protection Officer
Data Controller
A malicious user sniffed credentials exchanged between two computers by intercepting communications between them. What type of attack did the attacker execute?
A Man-in-the-Middle attack
Pushing Attack
Open Source Attack
Trojan Attack
A Man-in-the-Middle attack
This almost featured the heads of famous American West heroes, like Buffalo Bill Cody, but the lead sculptor argued that the subjects should be more recognizable.
Mount Rushmore
A secrity adminsitrator needs to create a RAID configuration that is focused on high read speeds and fault tolerance. It is unlikely that muuiliple drives will fail simultaneously. Whcih fo the following RAID configurations should the administrator use?
RAID 0
RAID 1
RAID 5
RAID 10
RAID 10
A company's Chief Information Office (CIO) is meeting with the Chief Information Security Officer (CISO) to plan some activities to enhance the skill levels of the company's developers. Which of the following would be MOST suitable for training the developers?
A capture the flag competition
A phishing simulation
Physical security training
Basic awareness training
A capture the flag competition
A security analyst's scans and network logs show that unauthorized devices are connecting to the network. After tracing this down, the analyst discovered a tethered smartphone creating a backdoor to gain access to the network. What describes this device?
A rogue access point (AP)
A manager who is responsible for a data set has asked a security engineer to apply encryption to the data on a hard disk. The security engineer is an example of a:
data controller
data owner
data custodian
data processor
data processor
A low level distributed denial of service (DDoS) attack that involves SYN or SYN/ACK flooding describes what type of attack?
Network
A security analyst's scans and network logs show that unauthorized devices are connecting to the network. After tracing this down, the analyst discovered a tethered smartphone creating a backdoor to gain access to the network. Which of the following describes this device?
Rogue AP
A public relations team will be taking a group of guests on tour through the facility of a large e-commerce company. The day before the tour, the company sends out an email to employees to ensure all whiteboards are cleaned and all desk are cleared. teh company is MOST likely trying to protect against:
loss of proprietary information
damage to the company's reputation
social engineering
credential exposure
loss of proprietary information